@op-engineering/op-aws-lc
Advanced tools
AWS LC with FIPS for React Native. AWS-LC is Amazons LibCrypto. Besides being tailored for their specific use-cases, it is battle tested and constantly updated. This library uses the Rust version for ease of compiling but internally it runs the same code as the base AWS-LC version (it contains code from BoringSSL and handwritten assembly).
AWS-LC-RS follows closely the Ring API, aiming to be a drop-in replacement, this library also tries to mimic the API in a JS idiomatic way.
npm install @op-engineering/op-aws-lc
npx pod-install
Or if using Expo
npm install @op-engineering/op-aws-lc
npx expo prebuild
Unfortunately, AWS-LC with FIPS does not compile for mac intel architectures, so if you add this library to your app it will not be able to be compiled for older Intel Macs.
The main motivation is not to bring yet another crypto library to the ecosystem, but rather a FIPS certified one for hardened security requirements.
FIPS (Federal Information Processing Standards) is a set of standards and guidelines for cryptographic modules, established by the US National Institute of Standards and Technology (NIST). FIPS 140-2/3 certification ensures that cryptographic modules meet rigorous security requirements for use in government and regulated industries.
Key points about FIPS:
This library binds the Rust version of AWS-LC with FIPS turned on.
import { hmac, HmacAlgorithm } from '@op-engineering/op-aws-lc';
// key is an ArrayBuffer that contains the raw bytes of the tag
const key = hmac.Key.generate(HmacAlgorithm.SHA256);
const signature = hmac.sign(key, 'hello');
const verified = hmac.verify(key, 'hello', signature);
// There are also async versions when the data you are trying to verify is large
const signature = hmac.signAsync(key, 'hello');
const verified = hmac.verifyAsync(key, 'hello', signature);
if (!verified) {
throw new Error('failed to pass hmac verfication');
}
The rest of the algorithms inside aws-lc still need to be bridged. Get in contact by joining our Discord or write to ospfranco@gmail.com for further assistance.
You can see the list of available funcitonality in the Rust crate here. Eventually op-aws-lc aims to cover all of these.
MIT
FAQs
AWS LC with FIPS for React Native
We found that @op-engineering/op-aws-lc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.
Security News
FSF files an amicus brief against Neo4j, defending the AGPL and warning against adding restrictive terms that undermine free software rights.
Research
Security News
Malicious PyPI package ‘set-utils’ steals Ethereum private keys by exfiltrating them through blockchain transactions via the Polygon RPC.